Author Posts

December 19, 2013 at 2:05 am

Hi,

I am trying to write a basic script/function to create a new user in AD, i want some of the information to be pre populated and some to be input by the admin who uses the script. Here it is.

# Script foe New user.
Function newaduser {
Param (
$name,
$dispname,
$desc,
$title,
$depar,
$SamName
)
New-aduser -Name $name -DisplayName $dispname -SamAccountName $SamName -Description $desc -Office "Office" -Company "Company" UK -City "City" -State "State"
-PostalCode "Post Code"
}

So the variables i want to be prompted for are those defined in the Param section. I know there are ways to get text on screen with Write-Output. If i run the script nothing happens. If i call the function newaduser and run it with -whatif it complains that the first variable $name is empty. This is good as i want it to prompt for the users name. Can i create my own message to say, "Please input users name" rather than the error message?

Sorry if my technical terms aren't correct, still new to all this and learning the ropes.

Cheers,

Jay

December 19, 2013 at 3:00 am

This is not a recommended approach but if you have to adopt this mechanism of getting data into your scripts – modify your code like this:

# Script foe New user.
function newaduser {
[CmdletBinding()]
Param (
[Parameter(Mandatory=$true)]
$name,

[Parameter(Mandatory=$true)]
$dispname,

[Parameter(Mandatory=$true)]
$desc,

$title,
$depar,

[Parameter(Mandatory=$true)]
$SamName
)
New-aduser -Name $name -DisplayName $dispname -SamAccountName $SamName -Description $desc -Office “Office” -Company “Company” UK -City “City” -State “State”
-PostalCode “Post Code”
}

I've had to guess as to which parameters you actually want because you don't use all of the parameters you've listed in your function in the New-ADUser cmdlet.

Add [CmdletBinding()]
Add [Parameter(Mandatory=$true)] on each parameter for which you want to be prompted. When you run the function PowerShell will prompt you for input data:
£> newaduser
cmdlet newaduser at command pipeline position 1
Supply values for the following parameters:
name:

etc

A much better approach is to use the PowerShell pipeline.

Create a CSV with you data. Use headings like:
Name, DisplayName, Desc, Samname

Modify your function like this:
function newaduser {
[CmdletBinding()]
Param (
[Parameter(ValueFromPipelineByPropertyName=$true)]
$name,

[Parameter(ValueFromPipelineByPropertyName=$true)]
$dispname,

[Parameter(ValueFromPipelineByPropertyName=$true)]
$desc,

$title,
$depar,

[Parameter(ValueFromPipelineByPropertyName=$true)]
$SamName
)
New-aduser -Name $name -DisplayName $dispname -SamAccountName $SamName -Description $desc -Office “Office” -Company “Company” UK -City “City” -State “State”
-PostalCode “Post Code”
}

you can then do

import-csv userdata.csv | newaduser

December 19, 2013 at 6:39 am

Hi Richard,

Thank you for your help its much appreciated. Didn't mean to forget the title and depar parameters!

The reason i want to use the 'non recommended' way is that i want an email to be generated on the basis of whether the function has been processed successfully or not. I think i am going to make the CSV type and the prompt type. Its all good practice to try different things. Ill update this with what i create and the additional questions i will no doubt have whilst doing this.

Cheers again,

Jay

December 19, 2013 at 8:30 am

Hi all,

You there Rich haha!?

I have all the prompts working but need help with one that is a bit different.

Function newaduser {
[CmdletBinding()]
Param (
[Parameter(Mandatory=$true)]
$Userspassword,

$CreateSecure =(ConvertTo-SecureString $Userspassword -AsPlainText -Force),

[Parameter(Mandatory=$true)]
$Username,

[Parameter(Mandatory=$true)]
$surname,

#....Other parameters in here......#

$otherAttrib
)

New-aduser -AccountPassword $CreateSecure #.....More code.....# -OtherAttributes $telnumber @{'telephoneNumber' = "$telNumber"}, $firstname @{'givenName' = "$firstname"}

So what i want to do is get a prompt for two variables that are defined with the -OtherAttributes parameter. These are telephoneNumber and givenName. How would i do this in the param section? I was thinking to do..

Function newaduser {
[CmdletBinding()]
Param (
[Parameter(Mandatory=$true)]
$Userspassword,

[Parameter(Mandatory=$true)]
$telnumber,

[Parameter(Mandatory=$true)]
$givenName
)

But then i would be populating the variable to call the parameter with the same information as i want to put in the actual variable e.g. -OtherAttributes (555-689) $telnumber @{'telephoneNumber' = (555-689)"$telNumber"}

Is there a way to do this?

Cheers,

Jay

December 19, 2013 at 8:55 am

First check out the syntax of New-ADUser – either using Get-Help or online at http://technet.microsoft.com/en-us/library/ee617253.aspx

Notice the parameters I've highlighted

New-ADUser [-Name] [-AccountExpirationDate ] [-AccountNotDelegated ] [-AccountPassword ] [-AllowReversiblePasswordEncryption ] [-AuthType { | }] [-CannotChangePassword ] [-Certificates ] [-ChangePasswordAtLogon ] [-City ] [-Company ] [-Country ] [-Credential ] [-Department ] [-Description ] [-DisplayName ] [-Division ] [-EmailAddress ] [-EmployeeID ] [-EmployeeNumber ] [-Enabled ] [-Fax ] [-GivenName ] [-HomeDirectory ] [-HomeDrive ] [-HomePage ] [-HomePhone ] [-Initials ] [-Instance ] [-LogonWorkstations ] [-Manager ] [-MobilePhone ] [-Office ] [-OfficePhone ] [-Organization ] [-OtherAttributes ] [-OtherName ] [-PassThru ] [-PasswordNeverExpires ] [-PasswordNotRequired ] [-Path ] [-POBox ] [-PostalCode ] [-ProfilePath ] [-SamAccountName ] [-ScriptPath ] [-Server ] [-ServicePrincipalNames ] [-SmartcardLogonRequired ] [-State ] [-StreetAddress ] [-Surname ] [-Title ] [-TrustedForDelegation ] [-Type ] [-UserPrincipalName ] [-Confirm] [-WhatIf] []

You should use -GivenName and -OfficePhone rather than -OtherAttributes for setting those two values. -OtherAttributes is for the weird stuff.

You will need to prompt for each.

If you are creating multiple accounts its better to create a CSV file as I stated in my first reply. Asking for data at the prompt gets painful after a while

December 20, 2013 at 3:13 am

Thanks Richard, i overlooked this and thought the parameters were not available, hence why i used the LDAP stuff through -OtherAttributes. -GivenName and -OfficePhone work great thanks.

If i use the syntax you suggested then import a csv and pipe it to the newaduser function, it still prompts me for each parameter, which i would expect. When i take out the [Parameter(Mandatory=$true)] for each variable, and try to run it again it tells me that it cant bind the $Userspassword variable to a string as it is null. Does this mean that it cant read the information from the csv?

If i call the csv it shows all of the information i expect.

Userpassword : Pa55w0rd!
Username : Mxmas
FirstName : Merry
surname : Xmas
dispname : Merry Xmas
desc : Festive Cheer
title : Mr
depar : Toy Store
telnumber : 1242568569
SamName : Mxmas

Userpassword : Pa55w0rd!
Username : MrT
FirstName : Mister
surname : T
dispname : Mister T
desc : Dude
title : Mr
depar : A-Team
telnumber : 1245659884
SamName : MrT

Userpassword : Pa55w0rd!
Username : Aroberts
FirstName : Amy
surname : Roberts
dispname : Amy Roberts
desc : Welshy
title : Miss
depar : Cottage
telnumber : 124267500
SamName : Aroberts

Am i missing something here? Not sure why it wont pass. Here is the whole script.

# Script foe New user.
Function newaduser {
[CmdletBinding()]
Param (
$Userspassword,
$CreateSecure =(ConvertTo-SecureString $Userspassword -AsPlainText -Force),
$Username,
$FirstName,
$surname,
$dispname,
$desc,
$title,
$depar,
$telnumber,
$SamName

)

New-aduser -AccountPassword $CreateSecure -changepasswordatlogon $false -enabled $true -Name $Username -GivenName $firstname -surname $surname `
-DisplayName $dispname -EmailAddress "$SamName@ipipeline.com" -SamAccountName $SamName -userprincipalname $SamName -Description $desc -Title $title `
-Department $depar -OfficePhone $telnumber -Company iPipelineUK -City Cheltenham -State Gloucestershire -PostalCode GL501TA
}

import-csv -Path C:\UserInput.csv | newaduser

December 20, 2013 at 9:34 am

Your newaduser function isn't set up to accept pipeline input yet. In order to pipe your CSV in that way, you'd need to make sure each parameter has the "ValueFromPipelineByPropertyName" attribute set to True, and that each field in the CSV file matches either the name or an alias of the parameters in the function. You would also need to move the code inside the function into a "process" block. If you're not passing "CreateSecure" in as a parameter, that assignment belongs in the Process block as well, not in the param block. For example (not tested, just modified your last post's code slightly):

Function newaduser {
    [CmdletBinding()]
    Param (
        [Parameter(ValueFromPipelineByPropertyName = $true)]
        [string]
        $Userspassword,
        
        [Parameter(ValueFromPipelineByPropertyName = $true)]
        [string]
        $Username,
        
        [Parameter(ValueFromPipelineByPropertyName = $true)]
        [string]
        $FirstName,
        
        [Parameter(ValueFromPipelineByPropertyName = $true)]
        [string]
        $surname,
        
        [Parameter(ValueFromPipelineByPropertyName = $true)]
        [string]
        $dispname,
        
        [Parameter(ValueFromPipelineByPropertyName = $true)]
        [string]
        $desc,
        
        [Parameter(ValueFromPipelineByPropertyName = $true)]
        [string]
        $title,
        
        [Parameter(ValueFromPipelineByPropertyName = $true)]
        [string]
        $depar,
        
        [Parameter(ValueFromPipelineByPropertyName = $true)]
        [string]
        $telnumber,
        
        [Parameter(ValueFromPipelineByPropertyName = $true)]
        [string]
        $SamName
    )

        process
        {
            $CreateSecure = (ConvertTo-SecureString $Userspassword -AsPlainText -Force)

            New-aduser -AccountPassword $CreateSecure -changepasswordatlogon $false -enabled $true -Name $Username -GivenName $firstname -surname $surname `
            -DisplayName $dispname -EmailAddress “$SamName@ipipeline.com” -SamAccountName $SamName -userprincipalname $SamName -Description $desc -Title $title `
            -Department $depar -OfficePhone $telnumber -Company iPipelineUK -City Cheltenham -State Gloucestershire -PostalCode GL501TA
        }
}

import-csv -Path C:\UserInput.csv | newaduser

December 23, 2013 at 6:41 am

Thank you for your help Dave!

I was still struggling to get the script to run, it kept complaining the $Userpassword variable was empty, upon inspection it was, i was trying to pass $UserPassword and convert to a secure string but there was nothing there. When i thought about it, when the users are created they can have any password and i can get them to change password when they first logon. Therefore i simply populated the $Userspassword variable with a password and the script runs beautifully!

Now onto refining it further and getting it to send emails when it has run successfully!